#!/bin/bash
#
# Ruleset 2 -- outbound HTTP, SMTP and SSH handling via the ipcontext match.
#
# Three rules are appended to the mangle OUTPUT chain, one per protocol, each
# with target DROP and the --ipcontext_log flag set. A final rule drops any
# outbound TCP segment whose destination port is not 80, 25 or 22.
#
# Review notes:
#   * The original header says "Allow OUTGOING protocols", yet every rule
#     below uses -j DROP. Whether ipcontext fires on the expected handshake
#     (blocking the protocol) or on its absence (blocking misuse of the port)
#     is not visible from this script -- confirm against the module's docs.
#   * ipcontext appears to be a third-party match extension rather than a
#     mainline iptables module. If it is not loaded, the three protocol rules
#     fail, and because the script does not use set -e it still goes on to
#     install the final default DROP rule.
#   * The default rule is -p tcp only; UDP and ICMP egress are untouched here.

readonly TABLE=mangle
readonly CHAIN=OUTPUT

#######################################
# Append one ipcontext DROP rule to the mangle OUTPUT chain.
# Globals:   TABLE, CHAIN (read)
# Arguments: $1 - destination port
#            $2 - ipcontext protocol name
#            $3 - ipcontext regular expression
# Returns:   iptables' exit status
#######################################
drop_if_matches() {
  local port=$1
  local proto=$2
  local pattern=$3
  iptables -t "$TABLE" -A "$CHAIN" -j DROP -m ipcontext \
    --ipcontext_port "$port" \
    --ipcontext_protocol "$proto" \
    --ipcontext_regexp "$pattern" \
    --ipcontext_log
}

# HTTP
# NOTE(review): as an ordinary regex "get*" matches "ge" followed by zero or
# more "t"; if "GET " was intended, check ipcontext's pattern syntax.
drop_if_matches 80 http 'get*'

# SMTP
drop_if_matches 25 smtp 'EHLO'

# SSH -- the pattern looks like an SSH version-exchange string ("ssh-1.x" /
# "ssh-2.x"); presumably matched against the client banner, verify.
drop_if_matches 22 ssh '^ssh-[12]\.[0-9]'

# Default rule: drop all other outbound TCP.
# "--dports ! 80,25,22" is intrapositioned negation; newer iptables releases
# deprecate it in favor of "! --dports 80,25,22". Kept as-is for the iptables
# version this ruleset was written against.
iptables -t "$TABLE" -A "$CHAIN" -p tcp -m multiport --dports ! 80,25,22 -j DROP


